Description
Unauthenticated remote information disclosure vulnerability in Ollama's model quantization engine allows an attacker to read and exfiltrate the server's heap memory, potentially leading to sensitive data exposure, further compromise, and stealthy persistence.
Published: 2026-06-26
Score: 7.5 High
EPSS: n/a
KEV: No
Impact: n/a
Action: n/a
AI Analysis

Impact

An unauthenticated remote information disclosure vulnerability exists in the quantization engine component of the Ollama software, allowing an attacker to read and exfiltrate data from the server's heap memory. This disclosure could expose sensitive information, enable further exploitation, and facilitate stealthy persistence within the system.

Affected Systems

The affected product is Ollama (vendor: Ollama AI). The current advisory does not specify affected versions, so all deployed Ollama instances should be treated as potentially affected until the vendor issues an official update.

Risk and Exploitability

The vulnerability lets an unauthenticated remote attacker read server heap memory directly, a high-impact vector that can lead to data compromise. No CVSS score or EPSS metric was available at the time of this analysis, and the issue is not listed in the CISA KEV catalog, but the potential for sensitive data exposure and subsequent compromise indicates a significant risk. The likely attack vector is the network-facing quantization engine exposed by Ollama, which unauthenticated users can reach.

Generated by OpenCVE AI on June 26, 2026 at 17:34 UTC.

Remediation

No vendor fix or workaround is currently provided.

OpenCVE Recommended Actions

  • Apply any available patch or update for the Ollama quantization engine as soon as it is released by the vendor.
  • Restrict network access to the Ollama service by using firewalls or placing it behind a VPN to limit exposure until a patch can be installed.
  • Implement monitoring for anomalous memory access patterns and data exfiltration to detect exploitation attempts early.

Advisories

No advisories yet.

History

Fri, 26 Jun 2026 19:30:00 +0000

Type: Metrics
Values Removed: (none)
Values Added:
  cvssV3_1: {'score': 7.5, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N'}
  ssvc: {'options': {'Automatable': 'yes', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}

Fri, 26 Jun 2026 18:00:00 +0000

Type: Weaknesses
Values Removed: (none)
Values Added: CWE-200

Fri, 26 Jun 2026 16:00:00 +0000

Type: Description
Values Removed: (none)
Values Added: Unauthenticated remote information disclosure vulnerability in Ollama's model quantization engine allows an attacker to read and exfiltrate the server's heap memory, potentially leading to sensitive data exposure, further compromise, and stealthy persistence.

Type: Title
Values Removed: (none)
Values Added: There exists an unauthenticated remote information disclosure vulnerability in Ollama's model quantization engine

Type: References
Values Removed: (none)
Values Added: (none shown)

MITRE

Status: PUBLISHED

Assigner: certcc

Published:

Updated: 2026-06-26T18:38:23.503Z

Reserved: 2026-04-07T16:59:20.290Z

Link: CVE-2026-5757

Vulnrichment

Updated: 2026-06-26T15:52:23.093Z

NVD

No data.

Redhat

No data.

OpenCVE Enrichment

Updated: 2026-06-26T17:45:03Z

Weaknesses
  • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor